I have a project to register grades in a school and I need the information generated within the system to be stored based on the school year that the user of the system requires.
The application incorporates Passport.js for user authentication, the authentication process works perfectly but I decided to add an additional field ( anio_lectivo
) to the login form to select the school year in which you want to work.
Now, the idea is that based on the selected school year I capture its identifier to be able to use it, for example, when entering a student's grades, the 'school_year' that the system user selected is also recorded.
Below I attach the source code of the passport.js authentication, the login works correctly but I see the need to capture the identifier anio_lectivo
and store it in the session variable to use it in internal operations.
To capture it and add it to the session variable, I've added a few lines of code that are identified by the //TODO:
.
const passport = require('passport');
const LocalStrategy = require('passport-local').Strategy;
const db = require('../../databaes');
const bcrypt = require('./helpers');
var al;
passport.use('local.signin', new LocalStrategy({
usernameField: 'username',
passwordField: 'password',
passReqToCallback: true
}, async (req, username, password, done) => {
try {
al = req.body.anio_lectivo; //TODO: obtengo el id del año lectivo seleccionado
let user = await db.query('SELECT * FROM user WHERE username = ? AND user_state = 1', [username]);
if (user.length > 0) {
user = user[0];
if (await bcrypt.matchPassword(password, user.password)) {
done(null, user, req.flash('type', 'success'), req.flash('message', `Bienvenido ${user.fullname}`));
} else {
done(null, null, req.flash('type', 'warning'), req.flash('message', 'La contraseña es incorrecta'))
};
} else {
done(null, null, req.flash('type', 'danger'), req.flash('message', `El usuario "${username}" no existe. `));
}
} catch (e) {
console.log(`-> ERROR in passport.js message: ${e.message}`);
return e;
}
}));
passport.serializeUser((user, done) => {
done(null, user.iduser);
})
passport.deserializeUser(async (id, done) => {
try {
let user = await db.query('SELECT * FROM user JOIN rol on rol.idrol = user.rol_idrol where iduser = ? ', [id]);
//TODO: obtengo el anio_lectivo que el usuario selecciono
const anio_lectivo = await db.query('SELECT * FROM anio_lectivo WHERE idanio_lectivo = ?', [al]);
//TODO: añado el id a la variable de sesión
if (anio_lectivo.length > 0) {
user[0].idanio_lectivo = anio_lectivo[0].idanio_lectivo;
user[0].anio_lectivo = anio_lectivo[0].anio_lectivo;
}
done(null, user[0]);
} catch (e) {
console.log(`-> ERROR in passport.js@deserializeUser message: ${e.message}`);
return e;
}
});
Now, this works at a glance, I can perform the operations in the application and store them based on the ´idanio_lectivo´ that the user selects. But the big problem arises when another user accesses his profile and selects a different school year. Then it happens that in the session variable the last idanio_lectivo
one that was selected at the beginning of the session is registered.
In other words: The 'Administrator' user is working normally in the academic year 2018-2019
and suddenly the user logs in Secretaria
and accesses the application with the academic year 2019-2020
, now the system will reflect both users the last academic year with which it started the session in the system.
What can I do so that each user works according to the 'school_year' they need. Perhaps store that identifier in the database together with the user information that passport.js registers and if so, how can I do it?